• United States



Cybersecurity market research: Top 15 statistics for 2017

May 09, 20175 mins

Numbers paint a picture of the cybersecurity market

Cybersecurity is one of the largest and fastest growing sectors in the technology industry.

To help CSO readers get their arms around this market, Cybersecurity Ventures has provided its top 15 statistics for 2017. (Disclaimer: Steve Morgan is founder and Editor-In-Chief at Cybersecurity Ventures)


1. Global cybersecurity spending is predicted to exceed $1 trillion cumulatively over the next five years, from 2017 to 2021. In 2004, the global cybersecurity market was worth $3.5 billion -- and in 2017 it will reach $120 billion. The cybersecurity market grew by roughly 35X over 13 years.


2. Cybercrime damage costs are predicted to reach $6 trillion globally by 2021, up from $3 trillion in 2015. This includes damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.


3. There are 1 million cybersecurity job openings in 2017, and that is projected to exceed 1.5 million by 2019. The bobs gap creates opportunity for a more diverse workforce – a chance for women and minorities to enter the trillion dollar cybersecurity field.


4. The cybersecurity unemployment rate remains at zero percent in 2017 (same as 2016). The Palo Alto Research Center reports that by 2019 the demand for cybersecurity professionals will increase to approximately 6 million globally. The implications are that the unemployment needle isn’t going to move anytime soon.


5. The security awareness training market is predicted to reach $10 billion annually by 2027. Training employees how to recognize and defend against cyber attacks is the most underspent sector of the cybersecurity industry.


6. Global healthcare cybersecurity spending is predicted to exceed $65 billion cumulatively over the next five years, from 2017 to 2021. As the healthcare industry continues digitizing all of its information, it continues to attract more attention from cybercriminals. This dynamic will be one of many contributors to the growth of the healthcare security market over the next decade.


7. Ransomware attacks on healthcare organizations are predicted to quadruple by 2020. James Comey, director of the FBI, recently delivered the keynote address at the Boston Conference on Cybersecurity (BCCS 2017). When asked about the biggest cyber threat facing healthcare providers, Comey answered "ransomware", according to a story in the National Law Review.


8. 300 billion passwords will require cyber protection by 2021. The tally includes 100 million human passwords, and 200 million machine (Internet of Things) passwords. Some experts venture the number of passwords may grow even larger than the recent forecast.


9. Wi-Fi and mobile devices are predicted to account for nearly 80 percent of IP traffic by 2025. Wi-Fi and mobile devices will account for 66 percent of IP traffic by 2020, up from 48% in 2015, according to Cisco. The shifting traffic landscape will require CISOs and IT security teams to devote more resources to mobile security.


10. Zero-day exploits will rise from one-per-week in 2015 to one-per-day by 2021. Although strides are being made to produce more secure code through the use of automation and better tools, the sheer volume of code being produced is enormous. And it's only going to grow exponentially to meet the thirst for software for web applications, mobile hardware and devices connected to the Internet of Things.


11. 111 billion lines of new software code will be created – and needs to be secured – in 2017. IT security teams and developers are challenged to keep up with the rapidly expanding application attack surface – which is being fueled by a massively expanding mobile and web app economy.


12. 4 billion people are expected to be online – and need cyber protection – by 2020, up from 2 billion plus last year. By 2030 the human attack surface might equal the world’s population, which is projected to reach 8.5 billion by then, up from 7 billion now.


13. By the end of 2017, all DoD contractors -- about 160,000 or so -- will have to meet regulations (DFARS 252.204-7012) which require prime contractors and their subs to employ adequate security. This is one of many regulations driving the GRC market expansion.


14. Nearly half of all cyber-attacks are committed against small businesses. Small businesses -- who don't train their employees on security risks -- are susceptible to the Business Email Compromise scam (BEC), which the FBI says has led to over $3 billion in losses.


15. 65 percent of respondents to a poll say black-hat hackers are more experienced than white-hats. Black-hats are motivated by money, espionage, notoriety, and malicious intent... and they are faster, more daring, and more experienced than white hats who are constrained by boundaries and rules.


Steve Morgan is the founder and CEO at Cybersecurity Ventures and editor in chief of the Cybersecurity Market Report. The Cybersecurity Market Report is published quarterly and covers the business of cybersecurity, including global market sizing and industry forecasts from consolidated research by IT analyst firms, emerging trends, employment, the federal sector, hot companies to watch, notable M&A, investment and IPO activity, and more.